What it is: The General Data Protection Regulation. The EU’s privacy law, in force since 2018. The UK kept a near-identical version (UK GDPR) after Brexit.

The five things GDPR requires for cookies:

1. Inform first: Tell visitors what cookies you use, who runs them, and why.
2. Get consent before: No tracking cookies until they say yes. (This is prior consent.)
3. Make rejecting easy: A “Reject all” option must be as visible as “Accept all.”
4. No pre-checked boxes: Visitors must actively opt in.
5. Let them change their mind: A way to withdraw consent at any time.

ConsentBit handles all five automatically when you:

• Use the default banner template (it shows "Accept" and "Reject" equally).
• Keep all categories unchecked by default in the granular panel
• Add a “Cookie Preferences” link to your footer (see Section 8.4)

Penalties: Up to €20 million or 4% of global revenue, whichever is higher.

‍